-
Notifications
You must be signed in to change notification settings - Fork 3
Kamailio Example
Lorenzo Mangani edited this page May 13, 2017
·
3 revisions
Perform a lookup to cacheep/DNS socket to check if the destination is blocked. If the IP is an offender and non yet blocked we can ban it using cacheep/API docket using an http async query.
- loadmodule "ipops.so" #DNS lookup
- loadmodule "http_async_client.so" #API
- loadmodule "geoip.so" #Lookup for banned IP
- loadmodule "statsd.so #Statistics
if (is_method("REGISTER") || from_uri==myself) {
$var(dns) = $si + ".blacklist.botauro.com";
if (!dns_int_match_ip("$var(dns)", "$si")) {
xlog("L_ALERT", "ip address not associated with hostname: $var(dns)\n");
statsd_set("blacklist.nonblocked.counter,service=kamailio,region=de-west", 1);
if($ua =~ "friendly-scanner|sipcli|VoIP SIP") {
xlog("L_ALERT", "Lets add the ip for block!\n");
$http_req(body) = "{'r_uri':'" + $rU + "', 'message':'" + $ua + "'}";
http_async_query("http://blacklist.xx.com:3001/api/set/$si/6000000", "HTTP_REPLY");
statsd_set("blacklist.sendblockrequest,service=kamailio,region=de-west", 1);
if(geoip_match("$si", "src")) {
xlog("FIRST WE BLOCKED SIP message [$si] from: $gip(src=>cc)\n");
statsd_incr("blacklist.blockedcountry.first,country="+$gip(src=>cc)+",service=kamailio,region=de-west");
}
}
}
else {
if(geoip_match("$si", "src")) {
xlog("REGISTER|INVITE SIP message [$si] from: $gip(src=>cc)\n");
}
statsd_set("blacklist.blocked.completed,service=kamailio,region=de-west", 1);
if(geoip_match("$si", "src")) {
xlog("WE BLOCKED SIP message [$si] from: $gip(src=>cc)\n");
statsd_incr("blacklist.blockedcountry.permanent,country="+$gip(src=>cc)+",service=kamailio,region=de-west");
}
xlog("L_ALERT","DOMAIN BLOCKED: $var(dns)");
sl_send_reply("503","You are blocked");
exit;
}
}